AnonNews allows Google to track commenters with reCAPTCHA

anonnewsprivacysrape AnonNews allows Google to track commenters with reCAPTCHA

This was a real Captcha, sent in by a reader. The Completely Automated Public Turing Test To Tell Computers and Humans Apart has gained a consciousness of its own, and is warning us.

The Internet–Chronicle.SU went on the record before reporters Tuesday to apologize for months of unauthorized data-mining of hundreds of thousands of readers.

A Chronicle.SU insider, known only as Media Mogul, spoke on-stage from behind a curtain. He said, “A particularly scathing piece of anti-Google propaganda from our friends at p2pNet graced AnonNews early this morning. This led Chronicle.SU to the conclusion that we must boycott the data-mining malware known as Google-Analytics completely, along with any and all similar forms of spyware which compromise user data – and more importantly – the golden integrity of the infallible and glorious Chronicle.SU.”

And in a flash of light he was gone, followed immediately by the appearance of Kilgore Trout, Executive Editor of the Chronicle.SU.

Trout said, “We will gladly publish any details upon request,” adding, “those who use noscript are not affected by our leak to Google.”

“As should be expected,” Trout said sneeringly, “this highly interesting piece from p2pnet wasn’t ‘relevant’ enough for AnonNews. But I believe many of you will be shocked to find out AnonNews currently employs a piece of Google code to ‘keep out spammers’ known as reCAPTCHA. Its privacy policy leaves much to be desired.”

reCAPTCHA Privacy Policy – by Google

Those who use noscript are unable to comment on AnonNews without disabling their security to Google tracking cookies. forces users to either compromise their anonymity or hide, like cowards, behind a proxy, which still does nothing to prevent the cookies.

Should Anonymous fear its own “news source?”

analleak 300x179 AnonNews allows Google to track commenters with reCAPTCHA

Geographical distribution of Chronicle.SU readers who don't use noscript.

22 comments to AnonNews allows Google to track commenters with reCAPTCHA

  • i$elwepunz uses google as default sign in, bcuz google is allowed to store information since its a “search engine”

  • according to wiki: captcha

    Human solversCAPTCHA is vulnerable to a relay attack that uses humans to solve the puzzles. One approach involves relaying the puzzles to a group of human operators who can solve CAPTCHAs. In this scheme, a computer fills out a form and when it reaches a CAPTCHA, it gives the CAPTCHA to the human operator to solve.

    Spammers pay about $0.80 to $1.20 for each 1,000 solved CAPTCHAs to companies employing human solvers in Bangladesh, China, India, and many other developing nations.[18] Other sources cite a price tag of as low as $0.50 for each 1,000 solved.[19]

    Another approach involves copying the CAPTCHA images and using them as CAPTCHAs for a high-traffic site owned by the attacker. With enough traffic, the attacker can get a solution to the CAPTCHA puzzle in time to relay it back to the target site.[20] In October 2007, a piece of malware appeared in the wild which enticed users to solve CAPTCHAs in order to see progressively further into a series of striptease images.[21][22] A more recent view is that this is unlikely to work due to unavailability of high-traffic sites and competition by similar sites.[23]

    These methods have been used by spammers to set up thousands of accounts on free email services such as Gmail and Yahoo!.[24] Since Gmail and Yahoo! are unlikely to be blacklisted by anti-spam systems, spam sent through these compromised accounts is less likely to be blocked.

    [edit] Legal concernsThe circumvention of CAPTCHAs may violate the anti-circumvention clause of the Digital Millennium Copyright Act (DMCA) in the United States. In 2007, Ticketmaster sued software maker RMG Technologies[25] for its product which circumvented the ticket seller’s CAPTCHAs on the basis that it violated the anti-circumvention clause of the DMCA. In October 2007, an injunction was issued stating that Ticketmaster would likely succeed in making its case.[26] In June 2008, Ticketmaster filed for default judgment against RMG. The Court granted Ticketmaster the default and entered an $18.2M judgment in favor of Ticketmaster.

    i thought for a second i was reading an article @the.chronicle

  • Anonymous

    It is true. I use noscript religiously and MUST be allowed to be able to type in the captcha. Makes you wonder …

  • Anonymous

    Its true. I use noscript religiously and you must allow to comment. Makes you wonder …